7COM1069 Cyber Operations: Deep Packet Analysis using Wireshark Report
Added on 2022/09/09
AI Summary
This report details a deep packet analysis using Wireshark to identify a TCP SYN flood attack. The analysis begins with a statistical overview of the captured network traffic, including packet lengths, encapsulation methods, and protocol hierarchies. The report then proceeds to identify the attack through the examination of conversation statistics and the application of specific Wireshark filters to isolate suspicious traffic patterns. The methodology includes the use of I/O graphs and protocol hierarchy views to visually represent the attack. The report explains the operational mechanics of a TCP SYN flood attack and provides practical results from the Wireshark analysis, confirming the presence of the attack through the high volume of SYN packets. The document concludes by demonstrating the effectiveness of Wireshark in detecting malicious activities and emphasizes the importance of proactive measures in network security.





